[Dnsmasq-discuss] RFC6303 support - especially IPv6
Simon Kelley
simon at thekelleys.org.uk
Tue Oct 20 21:26:21 BST 2015
On 19/10/15 14:01, Kevin Darbyshire-Bryant wrote:
> Hi Simon,
>
> I wonder if I could encourage you to look at extending the 'bogus-priv'
> option to include some IPv6 zones? In essence dnsmasq is currently
> forwarding ipv6 link-local reverse queries when in reality root servers
> aren't going to know anything. Looking in the archives I see ipv6
> reverses & 'bogus-priv' has been brought up before, and typically
> stalled on deciding what to block. I think RFC6303 answers those
> questions to a large extent.
>
> Attached is a patch to include extra IPv4 zones that are listed in that
> document. Maybe it'll help reduce some typing, though I'm concerned it
> may also affect 'rebind zones' which I'm much less confident about :-)
> I couldn't find any IPv6 filtering otherwise I would have extended that too.
Patch applied. I'll do the equivalent for IPv6 soon.
Cheers,
Simon.
>
> IPv6 Zones I'm currently filtering as per that document are:
>
>
> '/d.f.ip6.arpa/'
> '/8.e.f.ip6.arpa/'
> '/9.e.f.ip6.arpa/'
> '/a.e.f.ip6.arpa/'
> '/b.e.f.ip6.arpa/'
> '/0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/'
> '/1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/'
>
>
> I've another more controversial idea that I'll put as another email as I
> think it'll generate much more traffic!
>
> Cheers,
>
> Kevin
>
>
>
> _______________________________________________
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss at lists.thekelleys.org.uk
> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
>
More information about the Dnsmasq-discuss
mailing list